Welcome To The WAN Optimization Shell Game

In the early days of Ethernet switch vendors, IT organizations would routinely hear vendors profess to deliver better line rate performance at 20 percent less than the market leader. The catch, because there was always a catch in this industry, was that performance was only achievable in specific circumstances. Turn on port monitoring or enable encryption and Ethernet switch performance would skid to a halt. A similar story may be brewing in the WAN optimization space. While vendors, such as Blu

David Greenfield

April 11, 2011

4 Min Read
Network Computing logo

In the early days of Ethernet switch vendors, IT organizations would routinely hear vendors profess to deliver better line rate performance at 20 percent less than the market leader. The catch, because there was always a catch in this industry, was that performance was only achievable in specific circumstances. Turn on port monitoring or enable encryption and Ethernet switch performance would skid to a halt. A similar story may be brewing in the WAN optimization space. While vendors, such as Blue Coat, Riverbed, and Silverpeak, rush to tell us about how they can achieve incredible performance improvement, turning an OC-3 into an OC-12, other limiting factors may prevent end users from actually seeing those numbers.

Often the problems occur when vendors seek to enable new features on their existing hardware platform. Riverbed had this very problem with encryption, for example, until it added hardware assistance a few years ago. BlueCoat continues to have the same problem in that enabling HTTPS dramatically drops performance. The number of new connections processed per second drops by about 60 percent when doing http vs. https.

Different traffic types will also impact your performance with WAN optimizers. BlueCoat, for example, can quintuple WAN performance, but then there are the details. Static Web pages will be accelerated significantly faster because of BlueCoat's caching. A long data stream, though, doesn't play with the BlueCoat byte cache, which needs interruptions in the connections to update the cache. I'm hearing that performance starts to degrade on long flows at around 200 Mbit/s.

LAN side throughput is another potential problem area. In some instances, LAN side throughput will vary within a vendor's own solution depending upon how it is configured. For example, Riverbed touts different LAN side throughput depending upon the deduplication mode for the appliances. What I've heard from the street is that the one designed for maximum replication throughput - SDR-M - delivers anywhere from 150 Mbps to 400 Mbps, well short of the 1 Gbits/s interface.

It's a point strongly contested by Riverbed. "The primary reason why we created the SDR-M feature was for customers that were looking for faster performance," responded Dan Sorenson, Riverbed's spokesperson in an e-mail. "Riverbed's 5050 tests show that the enablement of the SDR-M feature consistently INCREASES maximum LAN-side throughput, rather than decreasing it. The increase in speed results from the 5050 more quickly writing data directly to memory vs. the slower process of writing data to spinning disk." Sorenson also pointed to other modes, such as SDR-A and larger boxes, to address higher performance requirements.However, even when WAN optimizers have the right traffic to reach their full throughput they can be gated by other factors, such as the number of TCP connections, in the case of most WAN optimizers who offer application-layer optimizations, and IP packet flows, in the case of Silver Peak who offers network-layer optimizations. A WAN optimizer that supports 2,000 connections or flows will stop optimizing traffic when it reaches the 2,001st connection or flow- even where more LAN/WAN throughput is possible.

Silver Peak makes a huge deal of this fact pointing out that it offers 250,000 flows over a single box vs. the "mere" 100,000 TCP connections provided by Riverbed's top end box, the 7050. Requiring plenty of connections or flows may not be an issue for data replication, where there are a limited number of connection or flows between the source and the target, but this can be an issue when a single box in a data center services thousands of users accessing the same servers or hosts.

IT managers should look beyond the hyperbole and realistically assess their own traffic profiles to see how many connections are really needed. Riverbed, for examples, estimate that each VDI user requires three TCP connections so even on a single box an organization would "only" be able to theoretically optimize 20,000 VDI connections - plenty for most organizations.

Traffic performance games and claims have always been something that IT vendors have played and will play. Never has that rule been truer than with WAN optimization. With the ability to save real dollars by improving WAN connections, WAN optimization vendors are encouraged to tout ever greater levels of performance. But those numbers may have little bearing on your reality. As the commercial goes, your mileage though will vary significantly with your experience.

"There are cases where network-layer optimization will perform as well as or better than application-layer optimization. Then there are instances, like in the case of Microsoft CIFS or Citrix ICA, where application-specific optimizations can make a big difference," says Joe Skorupa, research vice president at Gartner, "It all depends on the traffic mix and network conditions." 

About the Author(s)

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights